package frontend.core;

import org.apache.wicket.authroles.authentication.AuthenticatedWebSession;
import org.apache.wicket.authroles.authorization.strategies.role.Roles;
import org.apache.wicket.request.Request;

import backend.model.User;
import backend.service.LoginService;

public class PrometeicaWebSession extends AuthenticatedWebSession {

	private static final long serialVersionUID = 1L;
	public static final String LOGIN_USERNAME_ATTR = "username";
	public static final String LOGIN_FULL_NAME_ATTR = "fullname";

	public PrometeicaWebSession(Request request) {
		super(request);
	}

	@Override
	public Roles getRoles() {
		Roles roles = new Roles();
		if (isSignedIn()) {
			// TODO: take the roles from database also
			roles.add("USER");
		}
		return roles;
	}

	@Override
	public boolean authenticate(final String username, final String password) {
		LoginService loginService = PrometeicaWebApplication.getService(LoginService.class);
		User loginUser = loginService.authenticate(username, password);
		if (loginUser != null) {
			setAttribute(LOGIN_USERNAME_ATTR, username);
			setAttribute(LOGIN_FULL_NAME_ATTR, loginUser.getFullname());
			return true;
		}
		return false;
	}

}
